Skip to content

Commit

Permalink
Bump rexml to resolve security advisory (#10953)
Browse files Browse the repository at this point in the history 
* Bump rexml to resolve security advisory

changelog: Internal, Dependencies, Update dependencies to resolve security advisories

* Add rexml as explicit dependency

Since we use it in our code, it should be an explicit dependency

See: https://github.com/18F/identity-idp/blob/ea8a6081961d6c373a870dd5fea31efce89fde7e/app/services/proofing/aamva/request/verification_request.rb#L60-L102

* Sync AAMVA fixture to expected output

Likely a result of ruby/rexml#164
  • Loading branch information
@aduth
aduth committed Jul 17, 2024
1 parent ea8a608 commit 87c1d60
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 2 deletions.
1 change: 1 addition & 0 deletions Gemfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,7 @@ gem 'redacted_struct'
gem 'redis', '>= 3.2.0'
gem 'redis-session-store', github: '18F/redis-session-store', tag: 'v1.0.1-18f'
gem 'retries'
gem 'rexml', '~> 3.3'
gem 'rotp', '~> 6.3', '>= 6.3.0'
gem 'rqrcode'
gem 'ruby-progressbar'
Expand Down
3 changes: 2 additions & 1 deletion Gemfile.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -573,7 +573,7 @@ GEM
actionpack (>= 5.0)
railties (>= 5.0)
retries (0.0.5)
rexml (3.3.1)
rexml (3.3.2)
strscan
rotp (6.3.0)
rouge (4.2.0)
Expand Down Expand Up @@ -832,6 +832,7 @@ DEPENDENCIES
redis (>= 3.2.0)
redis-session-store!
retries
rexml (~> 3.3)
rotp (~> 6.3, >= 6.3.0)
rqrcode
rspec (~> 3.13.0)
Expand Down
2 changes: 1 addition & 1 deletion spec/fixtures/proofing/aamva/requests/verification_request.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,4 +34,4 @@
</dldv:verifyDriverLicenseDataRequest>
</dldv:VerifyDriverLicenseData>
</soap:Body>
</soap:Envelope>
</soap:Envelope>

0 comments on commit 87c1d60

Please sign in to comment.